Overview

overview

10

Static

static

10

cryptoapp.apk

android-9-x86

8

cryptoapp.apk

android-10-x64

10

cryptoapp.apk

android-11-x64

10

Resubmissions

22-09-2022 05:59

220922-gpshqsdhcq 10

04-07-2022 03:32

220704-d3qdragdc8 8

30-06-2022 05:11

220630-fvqqnagaep 8

28-06-2022 09:39

220628-lmr7eaach9 7

21-06-2022 09:05

220621-k17nksegh6 8

Analysis

  • max time kernel
    1674165s
  • max time network
    163s
  • platform
    android_x64
  • resource
    android-x64-20220823-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
  • submitted
    22-09-2022 05:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cryptoapp.apk

  • Size

    3.7MB

  • MD5

    520855bdec84895dd57eb97e5f30b6e3

  • SHA1

    51428eaafc0d544da9a56ba00b8c9c774a01153f

  • SHA256

    b12dd66de4d180d4bbf4ae23f66bac875b3a9da455d9010720f0840541366490

  • SHA512

    b608aa376c1919cfad95d1ec31943b9350f8c25d30f60610dd1263e08b75fb5c400e635aee815fa29d186b9887e57b5cbb592e67d2e987a858e53e5f3d7c7e26

  • SSDEEP

    98304:Yc4aG4U0q90ueyK2KvJ+1uznRUGNlytq4hh4RCNpp5rbMkt:Y1P4IBH90zhQqrRC7n/t

Score
10/10
malibotbankerinfostealertrojan

Malware Config

Signatures

  • malibot

    Malibot is an Android banking malware with the ability to bypass 2FA/MFA codes.

    infostealertrojanbankermalibot
  • Looks up external IP address via web service 3 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

Processes

  • werwerwee.qwetrydsf.yfdefes
    1⤵
      PID:4839

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/user/0/werwerwee.qwetrydsf.yfdefes/databases/app_icons.db
      Filesize

      1.4MB

      MD5

      9b3807b2b02df60afc57aeb7848b5861

      SHA1

      157b7b0cc3a47253aa0005c3cfff0ee56a904da7

      SHA256

      c60a253f4eea947b035678c46050d869ea076d3c466805d4120a7db9e30b75e6

      SHA512

      0407cca3ecb8e79e802173c764efe548144be81281a06aac4c88e3f8126342ae6a141806cafb8458fe50cf57673f4aa7ccd6af74929db26f20f84a9441adf1eb

      Download Submit

    • /data/user/0/werwerwee.qwetrydsf.yfdefes/databases/app_icons.db-journal
      Filesize

      1KB

      MD5

      a34a7d17a00291d7b934254b9cb8e0df

      SHA1

      d2bd7add8fca50e26343f4e8a1981b22afd8460f

      SHA256

      82ee2f575edf8af9ef76f217e3399a48df86d3af47fe9c02211c4fffe66a2163

      SHA512

      19b0650348470c17d15678865825bf43907ee181e6ceda35cd747ead1be8af0fbadd6ce524cdc3c3dc5d6009bbea92702ac470a0e73dcbd9bfac7a7ee1749a06

      Download Submit

    • /data/user/0/werwerwee.qwetrydsf.yfdefes/databases/launcher.db
      Filesize

      184KB

      MD5

      0660efea872a9fa8b1be83e7c478533f

      SHA1

      a47e63b4b6ad3e3afadcbb73a957b13ef095d072

      SHA256

      105224c36a475fe2e5b7b6916038f552cdd9f1ec7b771a631a0e6c42ed7e8942

      SHA512

      73f9e4c3a5dee7dae1bd6991a7eaec5a669fdb3c3006f8895f7892c4e0b7f7897c22f6778a33933a0f006489f5769694d1518142a49175e644d036edaf02d5aa

      Download Submit

    • /data/user/0/werwerwee.qwetrydsf.yfdefes/databases/launcher.db-journal
      Filesize

      1KB

      MD5

      18de798542fded289c892ffc8833caa6

      SHA1

      33e0b6fef5d054705a4237d236ae46cf52855e88

      SHA256

      a5dfe3bae07a5d49c4079f5e8009b3fe3952710a64bcfe842ccb53ecebd612b1

      SHA512

      bcd4c0ace68f77b40a6e71719bf507abebc85b763a3c0c390c26eb8ef5fac2bf2290c7ac234a0696018337fa9dbf3f2a05d3c77c109fc150e79b9e14a98f0c17

      Download Submit

    • /data/user/0/werwerwee.qwetrydsf.yfdefes/databases/widgetpreviews.db
      Filesize

      72KB

      MD5

      e14ecf37ac4e0141a761e05e83c52d10

      SHA1

      83beea637b3ed3071ad86337113ed3f911ef1f97

      SHA256

      86c382b3414ef54712b27832b0f4f40d70fd34135e02889b3a37c24a2e1dfbe8

      SHA512

      8d14128e4d7a75bced9aa9803fe80cb77277f626dba50206917527677d31ba07f086aeb53153bf5da6196e04ce357b9864305d7e0fedc0382feac4d95b845d97

      Download Submit

    • /data/user/0/werwerwee.qwetrydsf.yfdefes/databases/widgetpreviews.db-journal
      Filesize

      1KB

      MD5

      c349b9cb7274f0a116dc12a7512466e3

      SHA1

      3279d3ffce60f590beac29fd7c6c7e55d45f1430

      SHA256

      c9ad59d43bbdba6b65fcc77e4bad752a6f8dd0398ef4d2568583b11e477b7bb9

      SHA512

      c3553a6e56ab9312148cb6e3462b3a799746141aa33e1751980c73c3df7be5aa44766ea3febc5f05c0da8a72b69bbaf66a5a10a2a4af8e9026509a46f44d0acc

      Download Submit

    • /data/user/0/werwerwee.qwetrydsf.yfdefes/files/downgrade_schema.json
      Filesize

      1KB

      MD5

      70435833064f71228d8d001901b56873

      SHA1

      2d68b64360bb323366fadab675f387c74b42a23a

      SHA256

      73353cdbb7fbf2ee224948f35a950ad7bbaad5269b59471e690b34988ecc19e2

      SHA512

      fb7642c1c01aeacc3d5748b8be977ef272e7e9325cfd9e64b8638d4be84ff030cab8483a92ea677ffc246223df81e4b2c544e121943ac9acc8e79b6255b5b55a

      Download Submit

    • /data/user/0/werwerwee.qwetrydsf.yfdefes/shared_prefs/com.android.launcher3.device.prefs.xml
      Filesize

      140B

      MD5

      01284865f6e6300b041bc265c22022de

      SHA1

      9a02a931ce5b86e43b12068fce67176413f7e03c

      SHA256

      98c0fdef33b0793f97e87fd9fbe3eb71355390adc38f65f528923ffaf6d9f17f

      SHA512

      be44c48e972d52fbfb2ef0196340610c1b24ba236af2d74e9e350e9a7c9aea8eac97bb8a140973de792d43adef1e45806babcf05dd10e5085fa304e649cd9e52

      Download Submit

    • /data/user/0/werwerwee.qwetrydsf.yfdefes/shared_prefs/com.android.launcher3.managedusers.prefs.xml
      Filesize

      65B

      MD5

      9781ca003f10f8d0c9c1945b63fdca7f

      SHA1

      4156cf5dc8d71dbab734d25e5e1598b37a5456f4

      SHA256

      3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

      SHA512

      25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

      Download Submit

    • /data/user/0/werwerwee.qwetrydsf.yfdefes/shared_prefs/com.android.launcher3.prefs.xml
      Filesize

      128B

      MD5

      20837fd8daf2a2de8d6c4ccd8e90653a

      SHA1

      7ac08617bd4585151c239325aea243d9eca586f7

      SHA256

      e05f0ae0ee70ef2efac07e999da273b5f506462b67549f9080f6cdf469d70cec

      SHA512

      a4fd7ac1ce847a84fe4f47c2e7079f00b16b86213fe840b70e3a55992a043da99ca6fe1c9a723e709e2ee3985ed3b7c5a299d1cf5b29e8228f3f81d3cbb6876a

      Download Submit

    • /data/user/0/werwerwee.qwetrydsf.yfdefes/shared_prefs/com.android.launcher3.prefs.xml
      Filesize

      187B

      MD5

      40629fd218a1921144fccde51155abc1

      SHA1

      259981316f38f3b538443eac60839b8b0268c774

      SHA256

      edc51de6ea378118e3aee11c10db88b84059deeaaed9434cfe4154d73b149306

      SHA512

      013143b1efeca433127b20ae5ff045259ff19ce90729a66c218921d825293038747f5251043fd511533263eddb8f7ada758b75f62981044da872e2e5322b0943

      Download Submit

    • /data/user/0/werwerwee.qwetrydsf.yfdefes/shared_prefs/com.android.launcher3.prefs.xml
      Filesize

      405B

      MD5

      67dce169e73475e1eb94437105689584

      SHA1

      6a473b4cb597088f9766ea6e5ed49378b3b2e6c4

      SHA256

      8ee6d0d12cc6588a8d0463a9213e43aa5b73906b79d403b682bf6f5c737c2154

      SHA512

      f10935fcc230e9c15b3d25d74ad4248381c49fa0e4228c005cfa3e2f9612d41af3bff1884f654e0f728da935dd5019cbe0ccafb2bc223560b6025ebe70dc532f

      Download Submit

    • /data/user/0/werwerwee.qwetrydsf.yfdefes/shared_prefs/com.android.launcher3.prefs.xml
      Filesize

      344B

      MD5

      40e6801daac7f1acd559c527a34cdf6d

      SHA1

      832ac9144f5b1d76b309c0228e63d0878e8a8f7d

      SHA256

      a7d09131de77bab23af3f8f10290af517d6f0bafe3c0257b108edf837f3097e5

      SHA512

      77a0e86e62336afda48a3d51c2b4a79e32003a77efcccb0f2619e827c787701c258e8b29bcf3f994555d00a05e8039f2461caec57fef90e7a631f99d9630a1db

      Download Submit

    • /data/user/0/werwerwee.qwetrydsf.yfdefes/shared_prefs/com.android.launcher3.prefs.xml
      Filesize

      403B

      MD5

      a44c2fb81476599162792952dc18e93d

      SHA1

      8b2dd43570ac7ccda7648c90f13788c1d507e51c

      SHA256

      8f27506efdf280d6a67f8cd3fd10307cc597e7dd40315f0cb100b171e432b0a7

      SHA512

      fe17a9cb751a4c4c7185e178b66a91e1113e4bddaa49429a0d36e1e2137a08d0bd8ec5531602debd1ae6e48a8e7a468d5b6ed47d8122608f755809d4b13f1734

      Download Submit

    • /data/user/0/werwerwee.qwetrydsf.yfdefes/shared_prefs/com.android.launcher3.prefs.xml
      Filesize

      344B

      MD5

      40e6801daac7f1acd559c527a34cdf6d

      SHA1

      832ac9144f5b1d76b309c0228e63d0878e8a8f7d

      SHA256

      a7d09131de77bab23af3f8f10290af517d6f0bafe3c0257b108edf837f3097e5

      SHA512

      77a0e86e62336afda48a3d51c2b4a79e32003a77efcccb0f2619e827c787701c258e8b29bcf3f994555d00a05e8039f2461caec57fef90e7a631f99d9630a1db

      Download Submit